<?php
error_reporting(E_ALL && ~E_NOTICE);
    session_start();
/**
 * Created by PhpStorm.
 * User: Quyet
 * Date: 12/13/2014
 * Time: 09:20 AM
 */
include '../db/dbConnect.php';
include 'function/helper.php';

    if($_SERVER['REQUEST_METHOD'] == 'POST' && ($_POST['email'] && $_POST['frstName'] && $_POST['account'])){

        $email=escape($_POST['email']);

        $fstName=escape($_POST['frstName']);
        $lstName=escape($_POST['lstName']);
        $sex=escape($_POST['sex']);
        $aim=escape($_POST['aim']);
        $active=escape($_POST['active']);

        $root=escape($_POST['root']);

        $pass='';
        $sql='SELECT *
                FROM u_user
                WHERE email = "'.$email.'"
                and deleted=0';
        $result=mysql_query($sql);
        if(mysql_error()){
            echo ("Mysql ERROR: ".mysql_error());
            exit();
        }
        if(mysql_num_rows($result)){//email da ton tai
            echo 'duplicate';
            exit();
        }else{
            if($root && $active==2){
                $pass = md5('123456');
            }else{
                $pass = genPass(6, $email) ;
                $active=2;
            }


            $sql="INSERT INTO u_user (fstName,lstName, email, sex, aim,  password, active)
                          VALUES ( '".$fstName."', '".$lstName."', '".$email."', $sex, $aim, '".md5($pass.$email)."', '".$active."')";


            $result=mysql_query($sql);
            if(mysql_error()){
                echo "error";
                exit();
            }else{
                sendmail($email, $fstName, $pass);
                echo "success";
                exit();
            }
        }
    }else{
        die("die");
    }